[fga] check some admin functions #18562
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
svenefftinge
force-pushed
the
se/more-fga
branch
from
e8f8742 to
09cdbba
Compare
geropl
reviewed
Aug 21, 2023
| .createQueryBuilder("team") | ||
| .where("LOWER(team.name) LIKE LOWER(:searchTerm)", { searchTerm: `%${searchTerm}%` }) | ||
| let queryBuilder = teamRepo.createQueryBuilder("team"); | ||
| if (searchTerm) { |
|
Testing now... |
geropl
approved these changes
Aug 21, 2023
geropl
reviewed
Aug 21, 2023
svenefftinge
force-pushed
the
se/more-fga
branch
from
09cdbba to
72a5621
Compare
|
/unhold |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
adds permission checks for:
adminBlockUser(req: AdminBlockUserRequest)adminVerifyUser(id: string)adminModifyRoleOrPermission(req: AdminModifyRoleOrPermissionRequest)adminModifyPermanentWorkspaceFeatureFlag(req: AdminModifyPermanentWorkspaceFeatureFlagRequest)adminCreateBlockedRepository(urlRegexp: string, blockUser: boolean)adminDeleteBlockedRepository(id: number)adminGetBlockedRepositories(req: AdminGetListRequest<BlockedRepository>)adminGetTeams(req: AdminGetListRequest<Team>)adminGetBillingMode(attributionId: string)adminGetBlockedEmailDomains()adminSaveBlockedEmailDomain(entry: EmailDomainFilterEntry)Summary generated by Copilot
🤖 Generated by Copilot at e8f8742
This pull request adds installation-level and user-level permission checks using Spicedb and the
Authorizerservice. It also refactors some methods in theGitpodServerImpland theTeamDBclasses, and adds new tests and schema definitions for the new permissions.Related Issue(s)
Fixes #
How to test
Documentation
Preview status
Gitpod was successfully deployed to your preview environment.
Build Options
Build
Run the build with werft instead of GHA
Run Leeway with
--dont-testPublish
Installer
Add desired feature flags to the end of the line above, space separated
Preview Environment / Integration Tests
If enabled this will build
install/previewIf enabled this will create the environment on GCE infra
Valid options are
all,workspace,webapp,ide,jetbrains,vscode,ssh. If enabled,with-previewandwith-large-vmwill be enabled./hold